Microsoft Ignite 2018–Windows Server 2019 Deep Dive

Azure

Hybrid is a first-thought thing in MS. It’s not bolted on. How do they make Azure one-click away for customers who need to connect.

Azure Pillar #2 is hybrid. Windows Server 2019 pillar #1 is Hybrid.

Admin Center

1.7 million servers under management since it launched a few months ago. All new features in Windows Server are in this free download. MMC development has stopped. It’s also the portal to hybrid. Feedback driven evolution. Partner solutions built in – Fujitsu and DataON for hardware management highlighted. SquaredUp SCOM and Azure monitoring highlighted. RiverBed highlighted too. HPE is in development (looks limited compared to Fujitsu and DataON). Lenovo has something coming too. No mention of Dell/EMC who are stuck in the 1990s

Still a place for System Center – bare metal deployment, application monitoring, etc.

Hybrid

The Azure Network Adapter. If you have a machine in an isolated location that needs to connect to an Azure vNet then one click in Admin Center and it creates a point-to-site VPN connection to an existing gateway. ASR is a one-click replication. Azure Backup now can be enabled on WS2012+ without installing MARS via Admin Center. W2008 R2 still requires a manual MARS installation. Very simplified deployment for file/folder and system state backup from the OS.

Azure Update Management

Extending Windows Update management from Azure to on-premises. This was a very complex deployment in the past. But through Admin Center it’s a short wizard.

Storage Replica TO Azure

This is in preview. You create a VM in Azure via Admin center, join it to a domain, etc via Admin Center. That’s the target. Then replication magically happens – didn’t see the required networking piece here so it might be a bit of an over-simplification.

Hyper-Converged Infrastructure

Hyper-converged is a play in server hardware modernisation – performance, security, support, etc. A video from Lenovo on their XClarity server management solution, that also integrtes into Admin Center – in preview today.

Storage Class Memory

Flash first came by USB. Then it moved to SAS/SATA. Then to PCI. Then NVMe to make it faster. Moving closer to the processor to reduce latency and increase performance. Storage Class Memory is next to the processor in a DIMM socket. It can be configured to look like storage, memory, or a mix of both. Can be an “insanely high speed cache”.

Demo on HCI by Cosmos Darwin. Previous demo in 2016 was 6.69million IOPS from 16 servers. This year they tested with Intel hardware (Optane) to get more performance. They deployed 12 nodes running with just these drive (2 per node) s for caching and NVMe for capacity. Also used future version Xeons. 100 TB of usable storage with free PCI slots and drive bays. The caching devices are striped at the memory controller level. Each NVMe is 8 TB each. They fire up VMs on one node and hit 1 million IOPS. Turn on node 2 and hit 2 million IOPS. Then they power up all 12 nodes VMs and hit 13 million IOPS from 24 U of servers. The growth was linear.

System Insights

Via Admin Center

Predictive capabilities for Windows Server 2019 locally on the server.

Predictive analytics

In the charts, it shows historical metrics, and projects how this will continue into the future.

Suggested actions, e.g. Extend volume Azure File Sync, Disk cleanup

Transform reactive emergencies into proactive management experiences.

Storage Migration

Customers find moving data to be hard. Means that old OS versions are hanging around. Need data to move, shares to move, folder/share ACLs, EFS, IP address, computer naming, etc must be possible to move. Storage Migration Service allows you to move data to Azure or file servers. It has support back to W2003 and up to WS2019 as a source. It inventories the source server. It then copies the data over to target server. Cutover hides the source server, freezes it, and transfers names/addresses to the new server so it becomes the active file server. You can export a CSV file with a log of every file transfer transaction with all the file attributes.

Storage

Cluster sets: a cluster of clusters with hundreds of nodes in a single unified namespace

Industry leading scale

Cosmos Darwin comes back out. Storage Spaces Direct isn’t just for VMs. Another scenario is a backup target where customers want larger capacity. Now it supports 4 PB of raw storage in a single cluster. With cluster sets, that increases. 4 PB is wikipedia in every language with the complete edit history 50 times. Demo of QCT servers with 527 drives – 72 dives per physical server. 3.64 PB of raw capacity. QCT is selling this today. They’ve benchmarked with Veeam, doing 25 GB/s of sustained data writes per hour.

Security

Shielded VMs.

Password Protection with Windows Server AD

Central risk: Passwords. Azure AD solved this issue in Premium. This has been projected down into ADDS. You get the same password checking on-prem that you can in the cloud. A free download that can be installed on WS2012 R2 domain controllers and later. Password enforcement will be the same in the cloud as in on-prem. Can be deployed in audit or enforcement modes. The agent on the DC talks to a proxy service and the proxy talks to the cloud. You register the proxy with the cloud and then install the agent on DCs. And then cloud-based enforcement starts to work. You can define your own weak password lists.

Features on Demand

Server Core numbers are allegedly increasing because of Admin Center.

What if I have to go to the VM and I need local tools.

What it s/w installer won’t install on Server Core?

Features on Demand is Server Core with an additional ISO of around 340 MB.

Archives

About this Blog

This blog serves 2 purposes. Firstly, I want to share information with other IT pros about the technologies we work with and how to solve problems we often face. I've worked with technologies from the desktop to the server, Active Directory, System Center, security and virtualisation.

Secondly, I use my blog as a notebook. There's so much to learn and remember in our jobs that it's impossible to keep up. By blogging, I have a notebook that I can access from anywhere. It has saved my proverbial many times in the past.

Waiver

Anything you do to your IT infrastructure, applications, services, computer or anything else is 100% down to your own responsibility and liability. Aidan Finn bears no responsibility or liability for anything you do. Please independently confirm anything you read on this blog before doing whatever you decide to do.